PHP sudo in shell_exec

php shell root sudo shell-exec
www.data-blogger.com picture www.data-blogger.com · Apr 13, 2011 · Viewed 38.2k times · Source

I want to execute a command as root with shell_exec. Now I know this is dangerous, but believe me, you need to login with MOD_AUTH and have the right privilleges to come to this page. It's secure. How can I get this done?

Answer

Caleb picture Caleb · Apr 13, 2011

The problem isn't that your page is or isn't secure, the problem is that giving a php page the ability to run some sudo command would give it to all pages including any injected code on any insecure page on any site on the server.

That said, it might be best to make a wrapper script that does just the one job that needs doing, then give the http user access to just that ONE command as sudo

http  ALL=(ALL) NOPASSWD:/user/local/bin/your_wrapper_script.sh

Related questions

PHP shell_exec() vs exec()

I'm struggling to understand the difference between shell_exec() and exec()... I've always used exec() to execute server side commands, when would I use shell_exec()? Is shell_exec() just a shorthand for exec()? It seems to be the same …

Read More
How to execute PHP code from the command line?

I would like to execute a single php statement like if(function_exists("my_func")) echo 'function exists'; directly with the command line without having to use a seperate php file. How is it possible ?

Read More
How To Run PHP From Windows Command Line in WAMPServer

I'm new to php and wanted to run php from command line. I have installed WAMP and set the "System Variables" to my php folder ( which is C:\wamp\bin\php\php5.4.3). When i go to Run -> CMD …

Read More